When a provide-xfr is given with a tls-auth-name, a secondary requesting a transfer should provide a client certificate with that name. However, no client certificate is needed when the request comes in over TLS over the regular tls-port (and not the tls-auth-port) or over over TCP over the regular port, when the other conditions of the provide-xfr rule match.
References
| Link | Resource |
|---|---|
| https://www.nlnetlabs.nl/downloads/nsd/CVE-2026-12490.txt | Patch Vendor Advisory |
Configurations
History
26 Jun 2026, 02:08
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Nlnetlabs
Nlnetlabs nsd |
|
| References | () https://www.nlnetlabs.nl/downloads/nsd/CVE-2026-12490.txt - Patch, Vendor Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
| CPE | cpe:2.3:a:nlnetlabs:nsd:*:*:*:*:*:*:*:* |
25 Jun 2026, 07:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-06-25 07:16
Updated : 2026-06-26 02:08
NVD link : CVE-2026-12490
Mitre link : CVE-2026-12490
CVE.ORG link : CVE-2026-12490
JSON object : View
Products Affected
nlnetlabs
- nsd
